Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/Iz0guCDiWjKFcx-byNMZDGNA3PQ.roa
File: Iz0guCDiWjKFcx-byNMZDGNA3PQ.roa (raw, json)
Hash identifier: OhODHz9niANNiMLjpGlXqzW5KIur8dZ8kM+Yy5w6+7g=
Subject key identifier: 23:3D:20:B8:20:E2:5A:32:85:73:1F:9B:C8:D3:19:0C:63:40:DC:F4
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 018F232D102356D87C17AC6D60058C37FFD8
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/Iz0guCDiWjKFcx-byNMZDGNA3PQ.roa
Signing time: Sun 28 Apr 2024 05:28:26 +0000
ROA not before: Sun 28 Apr 2024 05:28:26 +0000
ROA not after: Tue 01 Jul 2025 00:00:00 +0000
asID: 212477
IP address blocks: 45.130.119.0/24 maxlen: 24
45.137.198.0/23 maxlen: 24
45.137.204.0/23 maxlen: 24
45.137.206.0/24 maxlen: 24
45.137.207.0/24 maxlen: 24
45.138.19.0/24 maxlen: 24
45.139.50.0/23 maxlen: 24
45.140.140.0/22 maxlen: 24
45.140.188.0/22 maxlen: 24
45.140.212.0/23 maxlen: 23
45.140.212.0/24 maxlen: 24
45.140.213.0/24 maxlen: 24
193.37.248.0/24 maxlen: 24
193.176.244.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 May 2024 23:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:8f:23:2d:10:23:56:d8:7c:17:ac:6d:60:05:8c:37:ff:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Apr 28 05:28:26 2024 GMT
Not After : Jul 1 00:00:00 2025 GMT
Subject: CN=233d20b820e25a3285731f9bc8d3190c6340dcf4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:ec:4e:0b:43:b0:8f:24:80:7f:00:d4:1e:49:
80:fe:25:f4:c9:92:45:12:41:6b:96:76:20:ef:f6:
f0:2d:44:27:8c:35:36:52:25:36:d9:52:51:46:6a:
12:49:02:fa:da:68:d9:4b:04:26:60:18:a8:2c:75:
ff:47:c6:93:46:15:97:d5:4a:53:74:b8:64:43:cf:
48:d5:c8:c6:e2:01:ab:96:f1:d5:33:58:80:fe:7e:
72:db:38:5a:ff:f0:61:f0:54:a7:79:1a:24:a4:da:
ea:94:65:9c:95:f4:9d:cb:67:5f:79:5a:d9:dc:f5:
b0:92:81:87:56:3e:61:63:63:1f:9f:90:8c:0a:48:
24:84:c9:3a:2a:b9:f1:d0:24:63:c6:4e:8e:ea:da:
90:6d:92:4a:53:1a:78:c0:2b:19:ab:74:84:6d:41:
8a:88:64:4d:ac:18:33:dc:a4:70:63:a1:02:b4:c3:
84:a8:2a:bc:6c:59:cf:1b:37:a2:81:a8:f1:18:d1:
4a:6f:13:69:ac:b9:df:06:63:26:eb:e3:66:5a:f8:
c6:58:bb:b5:e5:35:a8:58:f3:e9:1f:ad:5c:e3:68:
d8:a1:06:6d:1a:96:2f:5a:32:8f:b9:f8:2a:3c:3b:
86:56:c1:c7:29:44:11:f0:6c:b2:30:00:9e:c2:bf:
7c:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:3D:20:B8:20:E2:5A:32:85:73:1F:9B:C8:D3:19:0C:63:40:DC:F4
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/Iz0guCDiWjKFcx-byNMZDGNA3PQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.119.0/24
45.137.198.0/23
45.137.204.0/22
45.138.19.0/24
45.139.50.0/23
45.140.140.0/22
45.140.188.0/22
45.140.212.0/23
193.37.248.0/24
193.176.244.0/23
Signature Algorithm: sha256WithRSAEncryption
c0:cf:fc:85:c7:b4:e9:58:85:84:7c:c6:71:21:4b:5a:6b:fa:
f0:29:75:56:29:4b:fa:2e:43:5b:e3:ac:ed:51:fc:76:8d:d3:
52:6b:7a:b6:44:bf:a2:d0:4a:e1:96:0f:92:36:30:1f:31:e5:
6b:83:d4:47:b6:aa:74:88:97:8e:74:02:65:3f:bc:19:68:dc:
40:1c:93:92:c9:db:6d:30:4b:0e:46:20:53:0a:47:eb:93:74:
64:97:45:a1:07:a4:ac:c2:12:8d:ca:ae:37:a2:95:cf:cf:00:
e8:49:95:11:27:4e:af:b9:30:ed:b9:e0:6e:57:94:2c:15:9f:
42:21:9b:8f:3a:3a:61:d1:89:c4:81:16:48:eb:64:c5:98:94:
07:bb:5e:95:32:73:51:b3:ba:18:7f:16:a0:7a:ee:8d:7a:8e:
ae:24:a2:ff:37:8a:22:62:e8:b3:19:3b:b4:2c:1f:4a:7d:b8:
b3:6b:f2:a1:00:90:b6:b7:36:cb:d9:96:1b:9c:b4:8f:8c:38:
84:d6:22:6c:c8:02:d0:10:63:93:8f:79:63:b5:64:d8:a8:28:
e6:28:ea:7d:c9:66:6c:8e:a5:19:c3:c0:11:85:30:48:10:98:
84:06:76:1a:8e:52:2f:12:fd:05:cc:09:17:d4:a0:44:d7:1f:
5f:f6:46:6b
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAY8jLRAjVth8F6xtYAWMN//YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjQwNDI4MDUyODI2WhcNMjUwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzNkMjBiODIwZTI1YTMyODU3MzFmOWJjOGQzMTkwYzYzNDBkY2Y0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApuxOC0OwjySAfwDUHkmA/iX0yZJF
EkFrlnYg7/bwLUQnjDU2UiU22VJRRmoSSQL62mjZSwQmYBioLHX/R8aTRhWX1UpT
dLhkQ89I1cjG4gGrlvHVM1iA/n5y2zha//Bh8FSneRokpNrqlGWclfSdy2dfeVrZ
3PWwkoGHVj5hY2Mfn5CMCkgkhMk6Krnx0CRjxk6O6tqQbZJKUxp4wCsZq3SEbUGK
iGRNrBgz3KRwY6ECtMOEqCq8bFnPGzeigajxGNFKbxNprLnfBmMm6+NmWvjGWLu1
5TWoWPPpH61c42jYoQZtGpYvWjKPufgqPDuGVsHHKUQR8GyyMACewr98OQIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFCM9ILgg4loyhXMfm8jTGQxjQNz0MB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvSXowZ3VDRGlXaktGY3gtYnlOTVpER05BM1BRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQALYJ3AwQB
LYnGAwQCLYnMAwQALYoTAwQBLYsyAwQCLYyMAwQCLYy8AwQBLYzUAwQAwSX4AwQB
wbD0MA0GCSqGSIb3DQEBCwUAA4IBAQDAz/yFx7TpWIWEfMZxIUtaa/rwKXVWKUv6
LkNb46ztUfx2jdNSa3q2RL+i0Erhlg+SNjAfMeVrg9RHtqp0iJeOdAJlP7wZaNxA
HJOSydttMEsORiBTCkfrk3Rkl0WhB6SswhKNyq43opXPzwDoSZURJ06vuTDtueBu
V5QsFZ9CIZuPOjph0YnEgRZI62TFmJQHu16VMnNRs7oYfxageu6Neo6uJKL/N4oi
YuizGTu0LB9Kfbiza/KhAJC2tzbL2ZYbnLSPjDiE1iJsyALQEGOTj3ljtWTYqCjm
KOp9yWZsjqUZw8ARhTBIEJiEBnYajlIvEv0FzAkX1KBE1x9f9kZr
-----END CERTIFICATE-----
Generated at Fri May 17 09:04:19 2024 by rpki-client on console-fra.rpki-client.org